Open source software vulnerabilities exist for over four years before detection | Dark Hacker News